Group offers 5 steps to federal IT reform

The Software & Information Industry Association has issued a guide with five recommendations to help federal CIOs and IT companies work together to effectively transition to a new cloud-based environment.

SIIA’s newly created Public Sector Innovation Group released the guide as part of the National Institute of Standards and Technology’s Cloud Computing Forum and Workshop, which kicked off June 5, and to coincide with the June 9 deadline for the 18-month deliverables for the 25-Point Plan to Reform Federal IT, released in December 2010.

The government is at the starting line for transforming federal IT, not the finish line, according to the SIIA white paper, “Beyond the 25 Point Plan: A Roadmap to Implementing Cloud Computing and Reforming Federal IT.”

Many of the 25 points put the building blocks in place but do not affect change, the paper states. For instance, the plan calls for a shift to a cloud-first strategy in which agencies must consider cloud computing as the first option for new IT projects. Agencies have shifted in theory, but still not one cloud service provider has been certified to provide cloud computing broadly under the Federal Risk and Authorization Management Program.

Additionally, the plan calls for procurement reforms and for the hiring of a cadre of specialized IT acquisition personnel. Although the plan is in place and training programs have been developed, “how many acquisition personnel have actually been deployed?” SIIA officials ask.

Agencies also are tasked with implementing a number of policies to reduce the cost of IT and improve service to citizens, including the Federal Data Center Consolidation Initiative, Cloud First, Shared Services Strategy and FedRAMP.

Taken at face value, the policies might appear to be in conflict. However, a deeper look reveals that the policies work together as tools in a toolbox to help agencies leverage new and innovative technologies available as a result of the shift toward cloud computing, the paper states.

As a result, SIIA provides specific recommendations for fostering development of the cloud and harnessing its full economic potential, said Michael Hettinger, director of the SIIA Public Sector Innovation Group.

The report offers five key recommendations for federal decision-makers:

1. Continue to promote the “Cloud First” policy developed in 2010.

As identified in the Cloud First policy, an estimated $20 billion of the federal government’s $80 billion IT spending is a potential target for migration to cloud computing solutions. Moving forward from the first 18-month cycle of implementation of this policy, the government should develop concrete benchmarks to meet the initial $20 billion shift to cloud and establish metrics for the next phase migrations, the paper states.

2. The Office of Management and Budget and the General Services Administration should work together and with industry to review and recommend changes to capital planning and procurement regulations that might hinder government's rapid acquisition of innovative technologies.

This means a review of the current OMB Exhibit 300 process to ensure its relevancy in today’s world of on-demand cloud computing, Hettinger said.

3. Promote changes to the federal acquisition process and culture to ensure they keep pace with evolving technology. As a result, issues raised in the original 25-Point Plan that have not yet been fully addressed should be dealt with. For example:

Developing and deploying a cadre of specialized IT acquisition professionals.

Identifying and sharing IT acquisition best practices.

Developing and issuing contracting guidance and templates that support modular IT development.

4. Lower the barrier of market entry for small businesses.

GSA should ensure that the FedRAMP certification process is open, fair and accessible to all cloud service providers who meet or have the potential to meet the baseline security requirements, recognizing the unique nature of what small businesses bring to the table from a cloud perspective and meeting the spirit of the 25-Point Plan by reducing the barrier to federal market entry for small IT businesses.

5. Develop a comprehensive federal IT strategy road map.

OMB should review, revise and consolidate the policy memorandums and implementing guidance associated with the Cloud First, Shared First/Shared Services Strategy, and the Federal Data Center Consolidation Initiative, into a single Federal IT Strategy Roadmap.

“There is so much guidance that agencies can get distracted by competing priorities,” Hettinger said. A single Federal IT Strategy Roadmap would eliminate conflicting guidance and redundancy, providing clarity to agencies on prioritization of IT projects, highlighting the complementary nature of these initiatives, the paper states.

“With budgets tightening, and the 25-Point Plan deadline looming, this is a critical time for federal IT reform,” Hettinger said.

“Working closely with both federal IT executives and so many companies that do business with the government gives us a unique perspective on the future of IT reform. At this important time, our goal is to help focus attention on what we see as the core priorities,” Hettinger said.

SIIA has played a pivotal role in the development and legitimization of the software as a service and cloud computing models. Many of SIIA’s more than 500 member companies are key enablers of cloud computing.

The full report, which includes detailed discussion of each recommendation, is available here.

inside gcn

Reader Comments

Mon, Jul 30, 2012

I thought the out-sourcer buddies of the pols couldn't handle FED-RAMP controls so the administration suspended them. Of course the FISMA controls still apply to the in-sourced feds. Where is the equivalent cost benefit? Who's the loser? Anyone who expects information security is going to lose in this turbulent environment. The same standards must apply to both environments or its not a standard.

Thu, Jun 7, 2012

In short, turn it all over to contractors. What a large earthernware container. 1. Standardize and common-service all federal (including DOD) IT and comm functions wherever possible. 2. As service contracts expire, or new missions appear, do an honest cost-benefits study on doing the work in-house versus outsourcing. 3. Forget about the 'cloud' buzzword, and call it what it is- outsourcing the data center. Only do it when it makes cost-benefits sense, and enough belt-and-suspenders backups are in place in case that cloud turns into rain, taking mission-critical data with it.

Please post your comments here. Comments are moderated, so they may not appear immediately
after submitting. We will not post comments that we consider abusive or off-topic.